github
/
teleport
mirror of https://github.com/tp4a/teleport
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

.tmp.

pull/105/head
Apex Liu 2018-05-02 01:58:51 +08:00
parent 39c94b67be
commit 7dfd756324
6 changed files with 67 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/tp_core/core/ts_http_rpc.cpp
View File

@ -453,7 +453,7 @@ void TsHttpRpc::_rpc_func_set_config(const Json::Value& json_param, ex_astr& buf
//static TppManager g_tpp_mgr;
EXLOGV("[core] no-op timeout set to %d minutes.\n", noop_timeout);
g_tpp_mgr.set_config(noop_timeout);
g_tpp_mgr.set_config(noop_timeout * 60);
// Json::Value jr_data;

8
server/www/teleport/static/js/teleport/controls.js vendored
View File

@ -718,8 +718,8 @@ $tp.create_table = function (options) {
};
_tbl.paging_jump = function (page_index) {
console.log('jump:', page_index);
_tbl.page_index = page_index || 0;
//_tbl.page_index -= 1;
_tbl.load_data(CALLBACK_STACK.create(), {});
};
@ -1240,7 +1240,7 @@ $tp.create_table_paging = function (tbl, dom_id, options) {
if (_val === _tblp.page_current)
return;
_tblp._table_ctrl.paging_jump(_val);
_tblp._table_ctrl.paging_jump(_val - 1);
}
});
@ -1296,6 +1296,8 @@ $tp.create_table_paging = function (tbl, dom_id, options) {
$('#' + _tblp.dom_id + " [data-field='page_total']").html(_page_total);
$('#' + _tblp.dom_id + ' [data-field="jump-to-page"]').val(_page_index);
_tblp.page_current = _page_index;
cb_stack.exec();
};
@ -1646,7 +1648,7 @@ $tp.create_table_header_filter_state = function (tbl, name, states, exclude_ids)
_tblf.get_filter = function () {
var ret = {};
if(_tblf.default_value === _tblf.filter_value)
if (_tblf.default_value === _tblf.filter_value)
return ret;
ret[_tblf.name] = _tblf.filter_value;
return ret;

49
server/www/teleport/webroot/app/base/database/create.py
View File

@ -15,6 +15,7 @@ class DatabaseInit:
def do_create_and_init(self, sysadmin, email, password):
try:
self._create_config()
self._create_core_server()
self._create_role()
self._create_user()
self._create_user_rpt()
@ -79,6 +80,35 @@ class DatabaseInit:
'CREATE TABLE `{}config` ({});'.format(self.db.table_prefix, ','.join(f))
)
def _create_core_server(self):
""" 核心服务(为分布式准备)
特别注意分布式部署时核心服务的RPC通讯端口仅允许来自web服务的IP访问
"""
f = list()
# id: 自增主键
f.append('`id` integer PRIMARY KEY {}'.format(self.db.auto_increment))
# sn: 核心服务主机编号4位数字构成的字符串全0表示运行在与web服务同一台主机上
f.append('`sn` varchar(5) NOT NULL')
# desc: 核心服务主机描述
f.append('`desc` varchar(255) DEFAULT ""')
# secret: 核心服务主机密钥核心服务主机需要配置此密钥才能连接web服务
f.append('`secret` varchar(64) DEFAULT ""')
# ip: 核心服务主机的RPC服务IP和端口用于合成RPC访问地址例如 http://127.0.0.1:52080/rpc
f.append('`ip` varchar(128) NOT NULL')
f.append('`port` int(11) DEFAULT 0')
# state: 状态1=正常2=禁用3=离线4=重启中5=版本不匹配
f.append('`state` int(3) DEFAULT 1')
self._db_exec(
'创建核心服务器表...',
'CREATE TABLE `{}core_server` ({});'.format(self.db.table_prefix, ','.join(f))
)
def _create_role(self):
""" 角色
"""
@ -122,6 +152,8 @@ class DatabaseInit:
f.append('`surname` varchar(64) DEFAULT ""')
# type 1=本地账号2=LDAP待扩展
f.append('`type` int(11) DEFAULT 1')
# ldap_dn: 用户的ldap全路径名称仅用于LDAP导入的用户
f.append('`ldap_dn` varchar(128) DEFAULT ""')
# avatar: 用户头像图片地址
f.append('`avatar` varchar(64) DEFAULT ""')
# auth_type: 0=使用全局设置,其他参考 TP_LOGIN_AUTH_XXX 系列值
@ -192,7 +224,7 @@ class DatabaseInit:
# id: 自增主键
f.append('`id` integer PRIMARY KEY {}'.format(self.db.auto_increment))
# type 2=用户组4=远程账号组6=资产组(主机)
f.append('`type` int(11) DEFAULT 1')
f.append('`type` int(11) DEFAULT 0')
# name: 组名称
f.append('`name` varchar(128) DEFAULT ""')
# desc: 详细描述
@ -705,9 +737,15 @@ class DatabaseInit:
# id: 自增主键
f.append('`id` integer PRIMARY KEY {}'.format(self.db.auto_increment))
# flag: 是否已审查/是否要永久保留
# core_uuid:
f.append('`core_sn` varchar(5) DEFAULT "0000"')
# flag: 是否已审查/是否要永久保留异或方式设置0=初始1=已审查2=要永久保留
f.append('`flag` int(11) DEFAULT 0')
# reason: 本次运维的原因
f.append('`reason` varchar(255) DEFAULT ""')
# sid: 会话ID
f.append('`sid` varchar(32) DEFAULT ""')
@ -789,6 +827,13 @@ class DatabaseInit:
'INSERT INTO `{}config` (`name`, `value`) VALUES ("db_ver", "{}");'.format(self.db.table_prefix, self.db.DB_VERSION)
)
self._db_exec(
'设置本地核心服务',
'INSERT INTO `{}core_server` (`sn`, `secret`, `ip`, `port`, `state`) VALUES '
'("0000", "", "127.0.0.1", 52080, 1);'
''.format(self.db.table_prefix)
)
privilege_admin = TP_PRIVILEGE_ALL
privilege_ops = TP_PRIVILEGE_LOGIN_WEB | TP_PRIVILEGE_OPS
privilege_audit = TP_PRIVILEGE_LOGIN_WEB | TP_PRIVILEGE_AUDIT

4
server/www/teleport/webroot/app/base/db.py
View File

@ -12,7 +12,7 @@ from app.base.configs import tp_cfg
from app.base.utils import AttrDict, tp_make_dir
from app.base.logger import log
from .database.create import DatabaseInit
#from .database.upgrade import DatabaseUpgrade
# from .database.upgrade import DatabaseUpgrade
from .database.export import export_database
__all__ = ['get_db', 'SQL']
@ -788,7 +788,7 @@ class SQL:
if self._limit is not None:
if self._ret_total_recorder <= self._limit['page_index'] * self._limit['per_page']:
self._ret_page_index = int(self._ret_total_recorder / self._limit['per_page']) - 1
self._ret_page_index = int(self._ret_total_recorder / self._limit['per_page'])
if self._ret_page_index < 0:
self._ret_page_index = 0
else:

6
server/www/teleport/webroot/app/model/stats.py
View File

@ -8,13 +8,15 @@ from app.base.utils import tp_timestamp_utc_now
def get_basic_stats():
db = get_db()
ret = {'user': 0,
'host': 0,
'acc': 0,
'conn': 0
}
if db.need_create or db.need_upgrade:
return TPE_EXISTS, ret
sql = 'SELECT COUNT(*) FROM `{tpdb}user`;'.format(tpdb=db.table_prefix)
db_ret = db.query(sql)
if not db_ret or len(db_ret) == 0:
@ -53,6 +55,8 @@ def update_temp_locked_user_state():
_lock_time = tp_timestamp_utc_now() - (sys_cfg.login.lock_timeout * 60)
db = get_db()
if db.need_create or db.need_upgrade:
return
sql = 'UPDATE `{}user` SET state={new_state}, lock_time=0, fail_count=0 WHERE (state={old_state} AND lock_time<{lock_time});' \
''.format(db.table_prefix, new_state=TP_STATE_NORMAL, old_state=TP_STATE_LOCKED, lock_time=_lock_time)

14
server/www/teleport/webroot/app/model/user.py
View File

@ -69,13 +69,13 @@ def login(handler, username, password=None, oath_code=None):
user_info.fail_count = 0
user_info.state = TP_STATE_NORMAL
if user_info['state'] == TP_STATE_LOCKED:
syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_LOCKED, '用户已被临时锁定')
syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_LOCKED, '登录失败,用户已被临时锁定')
return TPE_USER_LOCKED, None
elif user_info['state'] == TP_STATE_DISABLED:
syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_DISABLED, '用户已被禁用')
syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_DISABLED, '登录失败,用户已被禁用')
return TPE_USER_DISABLED, None
elif user_info['state'] != TP_STATE_NORMAL:
syslog.sys_log(user_info, handler.request.remote_ip, TPE_FAILED, '用户身份验证失败,系统内部错误')
syslog.sys_log(user_info, handler.request.remote_ip, TPE_FAILED, '登录失败,用户状态异常')
return TPE_FAILED, None
err_msg = ''
@ -87,8 +87,8 @@ def login(handler, username, password=None, oath_code=None):
if not tp_password_verify(password, user_info['password']):
err, is_locked = update_fail_count(handler, user_info)
if is_locked:
err_msg = '用户被临时锁定'
syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_AUTH, '登录失败,密码错误{}'.format(err_msg))
err_msg = '用户被临时锁定'
syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_AUTH, '登录失败,密码错误{}'.format(err_msg))
return TPE_USER_AUTH, None
if oath_code is not None:
@ -99,8 +99,8 @@ def login(handler, username, password=None, oath_code=None):
if not tp_oath_verify_code(user_info['oath_secret'], oath_code):
err, is_locked = update_fail_count(handler, user_info)
if is_locked:
err_msg = '用户被临时锁定!'
syslog.sys_log(user_info, handler.request.remote_ip, TPE_OATH_MISMATCH, "登录失败,身份验证器动态验证码错误{}".format(err_msg))
err_msg = '用户被临时锁定!'
syslog.sys_log(user_info, handler.request.remote_ip, TPE_OATH_MISMATCH, "登录失败,身份验证器动态验证码错误{}".format(err_msg))
return TPE_OATH_MISMATCH, None
del user_info['password']